W3C home > Mailing lists > Public > public-web-security@w3.org > January 2015

Re: [W3C Web Crypto WG] Rechartering discussion - Existing Solution

From: Anders Rundgren <anders.rundgren.net@gmail.com>
Date: Sat, 31 Jan 2015 18:02:57 +0100
Message-ID: <54CD0AC1.2090506@gmail.com>
To: "public-web-security@w3.org" <public-web-security@w3.org>
The general feeling among folks I talk to is that we should leave the
browser "as is" and rather settle for local security-services running
on "localhost" accessed through HTTP Redirect, XHR or WebSockets.

IMO, this is a poor solution both from security and GUI point-of-view but
OTOH it doesn't require any standardization work; it is in fact already in
extensive use for both APDU and PKCS #11 level access.

If you "Connect the Dots" you may find that the scheme above points to a
possible development path in an entirely different direction than discussed
in Mountain View.

Anders
Received on Saturday, 31 January 2015 17:03:27 UTC

This archive was generated by hypermail 2.3.1 : Saturday, 31 January 2015 17:03:28 UTC